<?php
// Stop immediately when BASEPATH is not defined, i.e. the file was requested on its own.
defined('BASEPATH') OR exit('No direct script access allowed');

/**
 * Controller that does not require permission verification;
 * extends CI_Controller.
 * @author Cuil <lntschampion@163.com>
 * @date 2016-02-15
 */
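class Login extends CI_Controller {

	public function __construct()
	{
		parent::__construct();
		// Both calls keep their error suppression so the constructor never emits output before the
		// JSON / redirect responses below.
		// NOTE(review): a failed session_start() is therefore silent; check_code() then has no session to read.
		@ob_clean() ;
		@session_start() ;
		$this->load->model('M_user');
		$this->load->model('M_log_login');
	}

	/**
	 * Login endpoint.
	 *
	 * With request parameters: validates user_name / user_pass, and on success sets the four
	 * login cookies, records the login and exits with JSON {code:0, info:'/login/index'}.
	 * Every failure exits with JSON {code:1, info:<message>}.
	 * Without request parameters: renders the index view when the login cookies verify,
	 * otherwise the login form.
	 */
	public function index()
	{
		if($_POST || $_GET){
			// NOTE(review): get_post() also accepts the credentials from the query string, where they
			// end up in access logs and browser history. Confirm the form only posts, then read POST only.
			$username = getParam($this->input->get_post("user_name"),'string');
			$password = getParam($this->input->get_post("user_pass"),'string');
			// NOTE(review): the captcha value ("yzm") is submitted with the form but never compared with
			// $_SESSION['code'] here; check_code() is a separate request a client can skip, so this
			// endpoint has no server-side throttle against password guessing.

			// Validate the user name before any lookup: previously an empty name reached getTitle()
			// first, which could make the "please enter a user name" answer unreachable.
			if(empty($username)){
				$this->_login_fail('请输入用户名');
			}

			// Every account except the literal "admin" must have a title to be allowed in.
			if($username !== "admin"){
				$title = $this->M_user->getTitle($username);
				if(empty($title)){
					$this->_login_fail('对不起，您没权限');
				}
			}

			if(empty($password)){
				$this->_login_fail('请输入密码');
			}

			// Look the account up by login name.
			// NOTE(review): the distinct "unknown user" / "wrong password" answers let a caller tell which
			// login names exist; unify them once the front end no longer depends on the two texts.
			$info = $this->M_user->getUser($username);
			if(empty($info)){
				$this->_login_fail('用户名不存在');
			}

			// The stored value is compared with the submitted password itself, so the Password column
			// holds the password as submitted. The old check, md5(a) != md5(b), used a loose comparison:
			// two different digests that both look like "0e<digits>" are treated as equal numbers.
			// hash_equals() is strict and constant-time.
			// NOTE(review): migrate the column to password_hash()/password_verify(); that needs a data
			// migration and a wide enough column, so it is not done silently here.
			if( ! hash_equals((string) $info['Password'], (string) $password)){
				$this->_login_fail('密码错误');
			}

			// Login cookies: user id, login name, keyed digest, expiry time.
			// NOTE(review): user_key covers only PID and LoginName, so it is the same on every login and
			// does not protect action_time; the expiry is not integrity-bound to the token.
			// NOTE(review): DES_ADMIN and ssetcookie() are defined elsewhere. The class name suggests
			// DES; confirm the cipher and that the cookies are set HttpOnly and Secure.
			// NOTE(review): $this->time is not assigned in this class; confirm where it is set,
			// otherwise the expiry below is computed from an undefined value.
			$arr = array(
				'user_id'=>DES_ADMIN::encrypt($info['PID']),
				'user_name'=>DES_ADMIN::encrypt($info['LoginName']),
				'user_key'=>DES_ADMIN::encrypt(md5($info['PID'].$info['LoginName'].ADMINUSERKEY)),
				'action_time'=>DES_ADMIN::encrypt($this->time + COOKIE_EXPIRE_TIME)
			);
			ssetcookie($arr,COOKIE_EXPIRE_TIME,'/',COOKIE_DOMAIN_PLAY);
			unset($_SESSION['code']);
			$this->M_log_login->write($info['PID'],$info['LoginName'],1);
			exit(json_encode(array('code'=>0,'info'=>'/login/index')));
		}

		// No parameters: show the application when the cookies verify, else the login form.
		$identity = $this->_cookie_identity();
		if($identity !== null){
			$this->M_log_login->write($identity['user_id'],$identity['user_name'],1);
			$this->load->view('views_index.php',array('username'=>$identity['user_name']));
		}else {
			$this->load->view('views_login.php');
		}
	}

	/**
	 * Log out: blank the four login cookies and redirect to the login page.
	 *
	 * The redirect target is fixed. The Referer header is deliberately not used as a target,
	 * because it is client-controlled and would make this an open redirect.
	 * NOTE(review): only the browser copy is cleared; a cookie set that was copied earlier still
	 * verifies until its action_time passes.
	 */
	public function logout() {
		$array = array('user_id' => '', 'user_name' => '','user_key'=>'' , 'action_time'=> '');
		ssetcookie($array, -1,'/',COOKIE_DOMAIN_PLAY);
		header("Location:/login/index");
		exit;
	}

	/**
	 * Render the captcha image through the "code" library.
	 */
	public function code(){
		$this->load->library("code",array(
			'width'=>80,
			'height'=>35,
			'fontSize'=>20,
			'font'=>__ROOT__."application/fonts/font.ttf"
		));
		$this->code->show();
	}

	/**
	 * Compare the submitted captcha ("code") with the one stored in the session.
	 *
	 * Exits with 'success' on a case-insensitive match, otherwise with the error text.
	 */
	public function check_code(){
		$raw = $this->input->get_post("code");
		if( ! is_string($raw)){
			// A missing or array-valued parameter can never match.
			$raw = '';
		}
		$yzm = daddslashes(html_escape(strip_tags($raw)));

		// Without a stored code there is nothing to match. Previously an empty session value
		// compared equal to an empty submission and the check answered 'success'.
		$expected = isset($_SESSION['code']) ? (string) $_SESSION['code'] : '';
		if($expected === '' || ! hash_equals(strtolower($expected), strtolower((string) $yzm))){
			exit('验证码不正确');
		}
		exit('success');
	}

	/**
	 * Change the password of the logged-in user.
	 *
	 * Request parameters: user_id, passWord (current), newWord and newPassword (new, twice).
	 * Exits with JSON {code, info, data}; on success the login cookies are cleared so the
	 * user has to log in again.
	 */
	public function passw_save(){
		$PID = $this->input->get_post('user_id');
		if(empty($PID) || ! is_scalar($PID)){
			// Return after rendering; previously execution continued with an empty id.
			$this->load->view('views_login.php');
			return;
		}

		// user_id comes from the request, so it must match the identity proven by the login cookies.
		// Without this check anyone could target any account id and guess its password here.
		// NOTE(review): assumes this action is only used by logged-in users, which the cookie reset
		// at the end suggests; confirm against the calling page.
		$identity = $this->_cookie_identity();
		if($identity === null || (string) $identity['user_id'] !== (string) $PID){
			exit(json_encode(array('code'=>1,'info'=>'对不起，您没权限','data'=>array())));
		}

		$yuan_pass = getParam($this->input->get_post("passWord"),'string');
		$newpass = getParam($this->input->get_post("newWord"),'string');
		$newPassword = getParam($this->input->get_post("newPassword"),'string');

		$userinfo = $this->M_user->getRow('*',array('PID'=>$PID));
		if(empty($userinfo)){
			exit(json_encode(array('code'=>1,'info'=>'用户名不存在','data'=>array())));
		}
		// Strict, constant-time comparison instead of the loose != (see index()).
		if( ! hash_equals((string) $userinfo['Password'], (string) $yuan_pass)){
			exit(json_encode(array('code'=>1,'info'=>'原密码不对','data'=>array())));
		}
		// index() refuses an empty password, so storing one would lock the account out.
		if(empty($newpass)){
			exit(json_encode(array('code'=>1,'info'=>'请输入密码','data'=>array())));
		}
		if((string) $newpass !== (string) $newPassword){
			exit(json_encode(array('code'=>1,'info'=>'两次密码不一致','data'=>array())));
		}

		// NOTE(review): the new password is stored as submitted, matching what index() compares
		// against; see the migration note there.
		$this->M_user->updateData(array('Password'=>$newpass),array('PID'=>$PID));
		$array = array('user_id' => '', 'user_name' => '','user_key'=>'' , 'action_time'=> '');
		ssetcookie($array, -1,'/',COOKIE_DOMAIN_PLAY);
		exit(json_encode(array('code'=>0,'info'=>'修改成功','data'=>array())));
	}

	/**
	 * Verify the login cookies and return the identity they carry.
	 *
	 * @return array|null array('user_id' => ..., 'user_name' => ...) when user_key matches
	 *                    md5(user_id . user_name . ADMINUSERKEY) and action_time is still in the
	 *                    future; null otherwise.
	 */
	private function _cookie_identity()
	{
		$userid = isset($_COOKIE['user_id']) ? DES_ADMIN::decrypt($_COOKIE['user_id']) : '';
		$username = isset($_COOKIE['user_name']) ? DES_ADMIN::decrypt($_COOKIE['user_name']) : '';
		$userkey = isset($_COOKIE['user_key']) ? DES_ADMIN::decrypt($_COOKIE['user_key']) : '';
		$action_time = isset($_COOKIE['action_time']) ? DES_ADMIN::decrypt($_COOKIE['action_time']) : '';

		// Strict comparison: a loose == treats two "0e<digits>" digests as equal numbers.
		$expected = md5($userid.$username.ADMINUSERKEY);
		if( ! hash_equals($expected, (string) $userkey)){
			return null;
		}
		if( ! ($action_time > $this->time)){
			return null;
		}
		return array('user_id'=>$userid,'user_name'=>$username);
	}

	/**
	 * Abort a login attempt: drop the captcha stored in the session and exit with the
	 * JSON error shape used by index().
	 */
	private function _login_fail($message)
	{
		unset($_SESSION['code']);
		exit(json_encode(array('code'=>1,'info'=>$message)));
	}
}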

/* End of file login.php */
